• Cong Wang's avatar
    btusb: fix a memory leak in btusb_send_frame() · 54a8a79c
    Cong Wang authored
    This patch fixes the following memory leak reported by kmemleak:
    
    unreferenced object 0xffff880060a53840 (size 192):
      comm "softirq", pid 0, jiffies 4320571771 (age 1406.569s)
      hex dump (first 32 bytes):
        01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
      backtrace:
        [<ffffffff81138a1c>] create_object+0x187/0x28b
        [<ffffffff814be12e>] kmemleak_alloc+0x73/0x98
        [<ffffffff811289d3>] __kmalloc+0xfc/0x123
        [<ffffffff81386546>] usb_alloc_urb+0x1e/0x48
        [<ffffffffa0130274>] btusb_send_frame+0x86/0x385 [btusb]
        [<ffffffffa02d8230>] hci_send_frame+0xa0/0xa5 [bluetooth]
        [<ffffffffa02d8a4e>] hci_cmd_task+0xa0/0xfb [bluetooth]
        [<ffffffff81058548>] tasklet_action+0x8f/0xef
        [<ffffffff81058a4c>] __do_softirq+0xf4/0x1db
        [<ffffffff81058bb7>] run_ksoftirqd+0x84/0x129
        [<ffffffff8106f1c4>] kthread+0xa0/0xa8
        [<ffffffff814dd144>] kernel_thread_helper+0x4/0x10
        [<ffffffffffffffff>] 0xffffffffffffffff
    
    The problem is that when inc_tx() returns non-zero, we forgot
    to call usb_free_urb().
    
    Cc: Marcel Holtmann <marcel@holtmann.org>
    Cc: "Gustavo F. Padovan" <padovan@profusion.mobi>
    Signed-off-by: default avatarWANG Cong <amwang@redhat.com>
    Acked-by: default avatarMarcel Holtmann <marcel@holtmann.org>
    Signed-off-by: default avatarGustavo F. Padovan <padovan@profusion.mobi>
    54a8a79c
btusb.c 29 KB